Untrusted MIDlet

To run the example as an untrusted MIDlet:

  1. Install the MIDlet suite in a MIDP 2.0 device or emulate the processes with the emulator that ships with the SDK, without signing the suite.

  2. Because the MIDlet is untrusted, the user is prompted for permission when the MIDlet tries to open an HTTP connection.

  3. If the user grants permission, the result will look as shown in the figure below.

    Figure 93: Untrusted MIDlet with user permission granted

  4. If the user denies access to the sensitive API, a SecurityException will be thrown as shown in the figure below.

    Figure 94: Untrusted MIDlet with user permission denied

Notice that the Function Group "Net Access" is by default set to "Ask every time" for the untrusted domain. This means that every time the Load command is invoked, the user will be prompted for access. It is possible to change this behavior in the device as shown in the figure in section Permissions framework.

Using, for example, the Series 40 MIDP 3rd Ed. FP 1 SDK this is implemented by changing the default domain the MIDlet suite is run into.

Note: Protection domain settings are set differently in different emulators. The example below is from S40 3rd Ed. FP1 SDK.

To change the default domain:

  1. In the emulator, select Tools > Preferences.

  2. Select the MIDP tab.

  3. Change the domain to, for example, the Trusted domain. The different domains available for the Series 40 MIDP 3rd Ed. FP 1 SDK, and its settings, are shown in the figure below:

  4. Select Set permissions to change individual permission available for the domain.

Figure 95: Protection domains

Using the Run MIDlets within security domain specified by their certificates mode, the SDK will attempt to perform the authorization and authentication procedure. Since the MIDlet suite was not signed, the emulator will run the suite under the untrusted protection domain.

© Nokia 2008.